Search our Knowledge Base sites to find answers to your questions.
Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles20.2R2-S1: Software Release Notification for JUNOS Software Version 20.2R2-S1
Junos Software service Release version 20.2R2-S1 is now available.
PR Number | Synopsis | Category: Marvell based EX PFE L2 |
---|---|---|
1520351 | On the EX4600 and EX4300 Virtual Chassis or Virtual Chassis Fabric, the VSTP configurations device goes unreachable and becomes nonresponsive after commit. Product-Group=junos |
On QFX5100 or EX4600 in mix-VC (Virtual Chassis) scenario when the QFX5100/EX4600 uses "PHY" port as VCP (Virtual Chassis Port) port, the VC system might get hanged and unreachable after committing the VSTP (VLAN Spanning Tree Protocol) configurations. |
PR Number | Synopsis | Category: EX2300/3400 platform |
1539293 | On the EX3400 and EX2300 switches, the upgrade fails due to the lack of available storage. Product-Group=junos |
On EX3400 and EX2300 devices, in spite of storage cleanup and and snapshot deletion through CLI commands, upgrade sometimes fails due to lack of storage space. This happens due to an increase in package size and due to logs accumulated over several upgrades and reboots. |
PR Number | Synopsis | Category: ACX L3 IPv4, IPv6 support |
1508534 | ACX may stop forwarding transit and control traffic Product-Group=junos |
The ACX500, ACX1000, ACX1100, ACX2100, ACX2200, and ACX4000 platform may stop forwarding transit and control traffic due to DMA stuck issue with SDK. |
PR Number | Synopsis | Category: BBE Layer-2 Bitstream Access |
1551207 | PPPoE subscribers login failure may happen Product-Group=junos |
In Broadband Network Gateway (BNG) scenario where Layer-2 Bitstream Access (L2BSA) and PPPoE subscribers are working on the same interface/VLAN, PPPoE subscribers login may get stuck in a pending state, if the IN-FLIGHT flag of L2BSA is not cleared after its Port-Up packet is rejected by RADIUS, and during this process, another Port-Up for the same access-loop arrives. |
PR Number | Synopsis | Category: MX Platform SW - UI management |
1537194 | Chassisd memory leak may happen Product-Group=junos |
Multiple configuration commits may cause memory leak in chassisd. |
PR Number | Synopsis | Category: Firewall Policy |
1546120 | Traffic might be dropped unexpectedly when the url-category match condition is used on a security policy Product-Group=junos |
An issue was discovered within Unified Policies that affected the url-category match condition that can cause it to "over-match" and apply to more traffic than it should. This can result in the SRX dropping traffic that would otherwise be permitted |
PR Number | Synopsis | Category: vMX Data Plane Issues |
1544856 | The riot forwarding daemon crash might be observed on vMX based platforms configured with IRB interface Product-Group=junos |
On vMX based platforms enabled with IRB interface, the riot forwarding daemon crash might be observed which could lead to traffic loss. |
PR Number | Synopsis | Category: Interface related issues. Port up/down, stats, CMLC , serdes |
1538340 | Interfaces are not created after channel-speed 10g is applied across ports 48 to 53 on QFX5100-48T Product-Group=junos |
After channelizing port 48 through 53 and channel speed, the interfaces are down on QFX5100-48T platform. This issue causes interfaces are deleted and traffic might be dropped. |
PR Number | Synopsis | Category: DHCP related Issues |
1551710 | [EMC CNTR] DHCP V6 is not working for qfx5110-48s-4c Product-Group=junos |
DHCPv6 traffic received over vtep will not be forwarded out of the device post decap. QFX5k devices (RIOT devices) will copy the packets to CPU and it won't be reinjected from PFE hostpath due to this issue. |
PR Number | Synopsis | Category: VNID L2-forwarding on Trio |
1517591 | no-arp-suppression is required for MAC learning across the EVPN domain on the static VTEP. Product-Group=junos |
O On MX Series platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, the Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or proxy ARP role on VTEP might not work properly. This issue might occur when the 'no-arp-suppression' configuration statement is disabled under EVPN instance combined with static VXLAN implementation. Please refer to the workaround provided when this issue hit. |
PR Number | Synopsis | Category: VSRX platform software |
1524243 | The control link might be broken when there is excessive traffic load on the control link in vSRX cluster deployment. Product-Group=junosvae |
In the vSRX2.0 cluster running on KVM, when there is excessive traffic load on the control link (em0 link), the error message kernel: em0: watchdog timeout on queue 0 might be shown in the syslog. This interruption might cause the cluster control link to fail and dynamic routing protocols not to work properly. |
1551419 | Config integrity mismatch error in vSRX3.0 running on Azure with key-vault integrated Product-Group=junos |
On vSRX3.0 running on Azure and with HSM(key-vault) integrated, config hash mismatch failure will be observed on 'commit check' operation followed by 'commit' operation. System software halt might be triggered as a result. |
PR Number | Synopsis | Category: EX2300 Hardware |
---|---|---|
1369924 | EX2300 - Watchdog reset is shown as Swizzle Product-Group=junos |
On EX2300, when watchdog is induced, the last reboot reason is shown as Swizzle Reboot. |
1463583 | EX2300-48MP-VC Rebooting randomly Product-Group=junos |
EX2300-48MP-VC Rebooting randomly. There is no any core getting generated, its rebooting silently and randomly. There are no any syslogs, console logs getting generated before reboot. Reboot reason is showing as normal reboot. |
PR Number | Synopsis | Category: EX4300 VC implementation |
1526493 | EX4300-48MP device might go out of service during a software upgrade operation Product-Group=junos |
On EX4300-48MP platform, when a software upgrade operation is issued, the storage available for the Junos virtual Machine(VM), at the hypervisor level, can fall low. This can result in the Junos VM going into a hung or paused state. A reboot of the device is required to restore service on the device. |
PR Number | Synopsis | Category: EX2300/3400 PFE |
1543181 | Slaac-Snoopd child process core is observed upon Multiple Switchovers on RE Product-Group=junos |
Slaac-Snoopd core in the child process of slaac-snoopd daemon is seen when Old Master transition to Master happens again. It means when RE has undergone 2 switchovers starting from Mastership role and again regaining the Mastership role after second switchover, slaac-snoopd core in the child process of slaac-snoopd daemon is observed. However it was observed that the core has no impact on base functionality of slaac-snoopd daemon. |
PR Number | Synopsis | Category: QFX L3 data-plane/forwarding |
1529240 | [evpn_vxlan] [default_switch_instance] PFE error message seen on qfx5120-48y: BRCM-VIRTUAL,brcm_vxlan_riot_destroy_nh(),1494:Failed to delete egr_if(400138) err-Operation still running Product-Group=junos |
Sometimes when we perform "deactivate protocols bgp" on the QFX5k RIOT devices, we may see "BRCM-VIRTUAL,brcm_vxlan_riot_destroy_nh(),1494:Failed to delete egr_if(400138) err-Operation still running" error messages during arp_ndp clean up stage and these are harmless. |
PR Number | Synopsis | Category: MX Layer 2 Forwarding Module |
1546631 | MAC learning issue might happen when EVPN-VXLAN is enabled Product-Group=junos |
On MX platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or Proxy ARP role on VTEP might not work properly. This issue could happen when knob 'no-arp-suppression' is disabled under EVPN instance combined with static VXLAN implementation. Please refer to workaround provided when this issue hit. |
PR Number | Synopsis | Category: Bi Directional Forwarding Detection (BFD) |
1453705 | On the MX2010 Series routers, the BFD session on the IS-IS step up flaps during the ISSU - FRU upgrade stage. Product-Group=junos |
Bfd session flaps during ISSU only in mpc7e card(Bfd sessions from other cards of DUT to peer routers did not flap during ISSU). Issue is not seen frequently. |
PR Number | Synopsis | Category: EVPN Layer-2 Forwarding |
1526642 | The mac-ip table is not clean after clearing MAC table for MH host connecting to CRB leaf Product-Group=junos |
Clearing MAC routes results in triggering corresponding MAC+IP refresh requests. And if there is no response received for these requests, MAC+IP routes are deleted along with MAC route. At times, these MAC+IP refresh triggers (rearp) is not issued causing MAC+IP routes to stay even though MAC routes are deleted and CE device is not reachable. In such cases, MAC+IP clear can be issued for those macs and clear those MAC+IP routes. |
PR Number | Synopsis | Category: Express PFE CoS Features |
1545046 | Microburst absorption limitation on QFX5K Product-Group=junos |
QFX5120 has 32MB shared-buffer to absorb the bursty traffic. Multicast traffic can use maximum ~5 MB shared buffer as per default config. Any multicast burst more than 5MB size will get tail dropped due to buffer exhaustion. Multicast shared buffer partition size can be increased using "shared-buffer" CLI configuration. Refer below document for more information on shared buffer fine tuning on QFX5K platforms. https://www.juniper.net/documentation/en_US/junos/topics/concept/cos-qfx-series-buffer-configuration-understanding.html |
PR Number | Synopsis | Category: Express PFE including evpn, vxlan |
1548740 | EVPN-VXLAN: After 12hr of longevity with events, L3 traffic with destination to local host is dropped Product-Group=junos |
EVPN-VXLAN: After 12hr of longevity with events, L3 traffic with destination to local host is dropped |
PR Number | Synopsis | Category: Express PFE L2 fwding Features |
1454274 | After changing the vlan name on trunk interface, local host mac learning will be hold for more than 30 seconds Product-Group=junos |
After changing the vlan name on trunk interface while port is receiving continuous traffic for that vlan, local host mac learning will be hold for more than 30 seconds. In case of trunk port, when vlan name is changed, bridge domain entry is deleted from HW and new entry gets installed in HW. In meantime when new entry is yet to be installed in HW, port keeps receiving traffic for that vlan and learn source mac and notifies to PFE with old bridge domain id. PFE sw upon receiving this mac drops it as bridge domain and port mapping will not be present in Sw which is a must criteria for a Source mac received on an bridge domain. Once PFE drops the mac, upper layers (L2ALD) does not get this mac info and aging thread marks the hash index in HW as stale. Until that hash index is not cleared in Hw, same Source mac cannot be learnt on the same hash index. Ageing thread periodically scans one mac table out of 4 tables at a time in intervals of 10 seconds and checks for stale entries and clear the HW hash stale entry, and this time is almost 40-50 seconds based on the number of PFE chips in a FPC. In case of Access port, default bridge domain is installed in HW to receive untagged traffic and does not get deleted while changing vlan name associated to that access port. So this issue is not seen for access port. |
PR Number | Synopsis | Category: Microkernel for neo mpc |
1538131 | JDI-RCT:M/Mx: NPC crashed @ cmtfpc_mic_neo_state_check (mic_env=< optimized out>, mic_slot=< optimized out>) at ../../../../src/pfe/common/applications/cmt/jam/cmtfpc_pic_npc_jam.c:4808 Product-Group=junos |
This issue is due to Thread hogging for 2.5s after ISR registration during ISSU done phase causing a core at FPC. FPC will get rebooted with ISR registration again during normal init. This issue is specific to "3D 20x 1GE(LAN)-E,SFP" and "3D 20x 1GE(LAN)-EH,SFP" MIC types. |
PR Number | Synopsis | Category: FreeBSD Kernel Infrastructure |
1544222 | recovery snapshot creation fails for lack of space Product-Group=junos |
Power loss during software install can leave artifacts that consume space. These need to be included in package cleanup procedure. |
PR Number | Synopsis | Category: JUNOS Network App Infrastructure (for ping, traceroute, etc) |
1463622 | The cosmetic error messages of NTP time synchronization might be seen during device booting Product-Group=junos |
In NTP with the boot-server scenario, when the router or switch boots, the NTP daemon sends ntpdate request to poll the configured NTP boot-server to determine the local date and time. If the ntpdate is not activated correctly while the device is booting, the ntpdate might not work successfully. Then, some cosmetic error messages of time synchronization might be seen, but there is no impact with time update because the NTP daemon will update the time eventually. |
1474791 | JDI-RCT:M/Mx: errors @ sendto/sendmsg(10.50.36.33): No error: 0, no server suitable for synchronization found during reboot/ISSU Product-Group=junos |
Error might be seen upon rebooting because in some cases ntpdate may not be able to reach the boot-server. But this will not impact the time update because ntpd will update the time eventually. |
PR Number | Synopsis | Category: PTP related issues. |
1514066 | Sometimes external 1 pps cTE is slightly above Class B requirement of the ITU-T G.8273.2 specification. Product-Group=junos |
On some boot, External 1PPS may see upto 22ns cTE, while the 2way TE stays within 20ns. |
PR Number | Synopsis | Category: QFX L2 PFE |
1535555 | [evpn_vxlan] [default_switch_instance] PFE error message is seen in BRCM-VIRTUAL,brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found) Product-Group=junos |
On a QFX5110 or 5120, when the Type 5 tunnels are destroyed, sometime we can see error messages "brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found)". There is no functionality impact due to this. |
PR Number | Synopsis | Category: QFX EVPN / VxLAN |
1545517 | TPI-77795:20.2: BD creation failed for few vlans while switching from script config to profile config Product-Group=junos |
When the VxLANs are scaled to 4k and we try to load directly another set of 4k vxlans by replacing the existing 4k vxlans, sometimes there could be some vxlan creation failures. this is only seen once in multiple tries. |
1550279 | EVPN_VXLAN:BUM Loop occurred while modify VNI in l2-broadcast Product-Group=junos |
EVPN_VXLAN:BUM Loop occurred while modify VNI in l2-broadcast |
1550305 | EVPN_VXLAN : Traffic not load balanced by QFX10002 over ESI links with evpn_vxlan configured Product-Group=junos |
EVPN_VXLAN : Traffic not load balanced by QFX10002 over ESI links with evpn_vxlan configured |
PR Number | Synopsis | Category: MPC7/8/9 Interface Issues |
1473280 | The following error message might appear: Failed to complete DFE tuning. This error message has no functional impact and can be ignored. Product-Group=junos |
Even with the fix for PR 1463015, the "Failed to complete DFE tuning" syslog may appear. This message has no functional impact and can be ignored. |
PR Number | Synopsis | Category: ZT/YTpfe bridging, learning, stp, oam, irb software |
1435855 | Layer 2 over GRE is not supported in Junos OS Release 19.3R1. Even though, the configuration gets committed, the feature does not work. Product-Group=junos |
On MPC10E 3D MRATE-15xQSFPP, L2 over GRE is not supported. Although the configuration gets committed, the feature does not work. |
Getting Up and Running with Junos
Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search